GHSA-3m86-c9x3-vwm9: Graylog vulnerable to privilege escalation through API tokens

GHSA-3q26-f695-pp76: @cyanheads/git-mcp-server vulnerable to command injection in several tools

GHSA-6r2x-8pq8-9489: Electron vulnerable to Heap Buffer Overflow in NativeImage

GHSA-v8fr-vxmw-6mf6: Mattermost Incorrect Authorization vulnerability

GHSA-wgvp-jj4w-88hf: Mattermost Incorrect Authorization vulnerability

go-codec-dagpb is an implementation of the DAG-PB spec for Go. The dag-pb codec can panic when decoding invalid blocks. This issue has been patched in version 1.5.0.

**go-codec-dagpb vulnerable to panic when decoding invalid blocks**

High severity GitHub Reviewed Published Dec 28, 2022 • Updated Dec 29, 2022

Headline

GHSA-967g-cjx4-h7j6: go-codec-dagpb vulnerable to panic when decoding invalid blocks

Related news

ghsa: Latest News